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161 The coordinative functions of flight strips: air traffic control work revisited Q 
Johan Berndtsson, Maria Normark 

November 1999 Proceedings of the international ACM SIGGROUP conference on 
Supporting group work 

Full text available: "flpdfO 73 MB) Additional Information: full citation , abstract , references , citings, index 
i — | terms 

Cooperation in time-critical and physically distributed work settings, such as air traffic 
control, requires extensive coordination between the involved actors. For this coordination 
to be efficient the controllers rely both on the comprehensive use of rules and procedures, 
and on artifacts supporting them in following these procedures. At the Copenhagen Air 
Traffic Control Center this coordination is largely carried out through the use of a flight 
plan database system, paper flight strips, ... 

Keywords: CSCW, air traffic control, automation, closed-circuit television system, 
computerization, coordination, flight strips 



162 A measurement analysis of Internet traffic over frame relay 
Judith L. Jerkins, John Monroe, Jonathan L. Wang 

September 1999 ACM SIGMETRICS Performance Evaluation Review, volume 27 issue 2 
Full text available: ^ pdf(1.Q9 MB) Additional Information: full citation , abstract , index terms 

Various approaches have been proposed and implemented to relieve the congestion in the 
Public Switched Telephone Networks (PSTNs) induced by recent meteoric growth of 
Internet services. The Internet/Intranet Transiport Service (UTS) offered by the 
Southwestern Bell Telephone (SWBT) Company provides an example of one such 
implementation which off-loads the long-holding time data traffic from PSTNs to a packet 
technology (in this case Frame Relay).This paper describes analysis of 1997 IITS traffic ... 

163 Design of a high-performance ATM firewall 
Jun Xu, Mukesh Singhal 

August 1999 ACM Transactions on Information and System Security (TISSEC), volume 2 

Issue 3 

Full text available: ^pdf (143.19 KB ) Additional Information: full citation , abstract , references , index terms 

A router-based packet-filtering firewall is an effective way of protecting an enterprise 
network from unauthorized access. However, it will not work efficiently in an ATM network 
because it requires the termination of end-to-end ATM connections at a packet-filtering 
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router, which incurs huge overhead of SAR (Segmentation and Reassembly). Very few 
approaches to this problem have been proposed in the literature, and none is completely 
satisfactory. In this paper we present the hardware desig ... 

Keywords: TCP/IP, asynchronous transfer mode, firewall, packet filtering, switch 
architecture 



164 Papers: Effect of traffic knowled g e on the efficiency of admission-control policies 
Ljiljana Trajkovic, Arnie Neidhardt 

January 1999 ACM SIGCOMM Computer Communication Review, volume 29 issue l 
Full text available: ^| pdf(2,35 MB) Additional Information: full citation , abstract , references , citings 

We investigate the importance of understanding traffic characteristics for admission- 
control policies in packet networks. We compare the network utilization achieved with 
admission policies based on a partial knowledge of admitted traffic against the utilization 
that could be achieved with complete knowledge of traffic characteristics. Our quantitative 
study demonstrates that for realistic traffic traces the level of traffic knowledge 
dramatically affects admission control and improves network u ... 



165 Desig n of a hi gh- performance ATM firewall 
Jun Xu, Mukesh Singhal 

November 1998 Proceedings of the 5th ACM conference on Computer and 
communications security 

Full text available: 1 ^ pdf ( 1.27 MB ) Additional Information: full citation , references , index terms 



1 66 Dynamic capacit y allocation and hybrid multiplexin g techniq ue s for ATM wireless j 
LANs 

Anthony Burrell, Harold P. Stern, P. Papantoni-Kazakos 

September 1998 Mobile Networks and Applications, volume 3 issue 3 

Full text available* "B pdf (2 10 74 KB) Additional Information: full citation , abstract , references , citing s, index 
. [a) ■- terms 

We consider digital wireless multimedia LANs and time-varying traffic rates. To deal 
effectively with the dynamics of the time-varying traffic rates, a Traffic Monitoring 
Algorithm (TMA) is deployed to dynamically allocate channel capacities to the 
heterogeneous traffics. The TMA is implemented as a higher level protocol that dictates the 
capacity boundaries within two distinct framed transmission techniques: a Framed Time 
Domain-Based (FTDB) technique and a Framed CDMA (FCDMA) technique. T ... 

1 67 An object-based infrastructure for pro g ram monitorin g and steerin g I 
Greg Eisenhauer, Karsten Schwan 

August 1998 Proceedings of the SIGMETRICS symposium on Parallel and distributed 
tools 

Full text available: ^ pdf(1.50 MB) Additional Information: full citation , references , index terms 



1 68 Adaptive VBR video traffic management for higher utilization of ATM networks Q 
Girish Chiruvolu, Ravi Sankar, N. Ranganathan 

July 1998 ACM SIGCOMM Computer Communication Review, volume 28 issue 3 
Full text available: ^| pdf(905.90 KB) Additional Information: full citation , abstract , index terms 

The VBR video traffic exhibits high burstiness and correlation properties that are quite 



http://portal.acm.org/resultsxfm?query=traffic%20monitor% 2/18/05 



Results (page 9): traffic monitor p2p 



Page 3 of 5 



complex to be captured by a single traffic model. Efficient resource management based on 
few parameters of the source traffic is highly desirable. The real-time VBR video traffic has 
stringent quality of service (QoS) requirements such as delay (few milliseconds) and cell 
loss (1 in 10 - 5 ) that are difficult to achieve with good utilization (> 0.6) by static 
bandwidth allocation schemes. In ... 

Keywords: ATM network, dynamic bandwidth allocation, video traffic prediction 



169 Network monitoring system design 
Bob Barr, Sung Yoo, Tom Cheatham 

March 1998 ACM SIGCSE Bulletin , Proceedings of the twenty-ninth SIGCSE technical 

symposium on Computer science education, volume 30 issue i 
Full text available: ^£) pdf(646.81 KB) Additional Information: full citation , abstract , references , index terms 

Computer networks can be very useful, but difficult to manage. Current network 
management tools tend to be either very expensive or inadequate for classroom 
modification. XSNIFF is a project to develop an alternative network monitoring tool with a 
graphical display in the X-Window environment. XSNIFF uses an efficient network packet 
filtering system developed by Jacobson, Leres, and McCanne of Lawrence Berkeley 
Laboratory [Jacobson, 1994], to receive all network traffic from the network wire and ... 

170 Traffic descriptor mapping and traffic control for frame relay over ATM network 
Sudhir S. Dixit, Sharad Kumar 

February 1998 IEEE/ ACM Transactions on Networking (TON), volume 6 issue l 
Full text available: l g[ pdf(345.04 KB) Additional Information: full citation , references , index terms 



Keywords: ATM, cell relay, frame relay, quality of service, traffic management 




171 Applying the R MQN standard to switched environments 
Nathan Kalowski 

November 1997 International Journal of Network Management volume i issue 6 
Full text available: ^| pdf(431.41 KB) Additional Information: full citation , abstract , index terms 

As today's enterprise networks become increasingly complex, so Network Managers have 
an increasing need for effective tools to monitor and analyse them. This article discusses 
the RMON standard, and the groups it defines, from a practical persperspective. © 1997 
John Wiley & Sons, Ltd. 

172 Network Mana g ement & Monitorin g with Linux 
David Guerrero 

June 1997 Linux Journal 

Full text available: jj| html(26.92 KB) Additional Information: full citation , abstract , references , index terms 

Monitoring network activity is a necessity for today's managers. Here are some handy and 
easily accessible tools for doing so 

1 73 Transmission policies and traffic mana g ement in multimedia wireless networks 
Anthony Burrell, Harold P. Stern, P. Papantoni-Kazakos 

May 1997 Wireless Networks, volume 3 issue 2 

Full text available: ISpdf (358 34 KB) Additional Information: full citation , abstract , references , citing s, index 

t erms 
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We consider multimedia wireless networks in environments where traffic characterizations 
and traffic rates are generally time-varying. For such networks we propose a CDMA 
transmission policy, in conjunction with a moving boundaries concept induced by a traffic 
monitoring high-level protocol. The proposed transmission/traffic management technique 
is analyzed and numerically evaluated. 

1 74 S pectrum sharin g under the asynchronous UPCS etiquette: the performance of 
collocated systems under heavy load 
Ivan Vukovic, John McKown 

November 1996 Proceedings of the 2nd annual international conference on Mobile 
computing and networking 

Full text available: ^| pdf(534.68 KB) Additional Information: full citation , references , index terms 



175 Fault-tolerance in air traffic control systems 
Flaviu Cristian, Bob Dancey, Jon Dehn 

August 1996 ACM Transactions on Computer Systems (TOCS), volume 14 issue 3 

Full text available- fjQ pdf(264.57 KB) Additional Information: full citation , abstract , references , citings , index 

terms , review 

The distributed real-time system services developed by Lockheed Martin's Air Traffic 
Management group serve the infrastructure for a number of air traffic control systems. 
Either completed development or under development are the US Federal Aviation 
Administration's Display System Replacement (DSR) system, the UK Civil Aviation 
Authority's New Enroute Center (NERC) system, and the Republic of China's Air Traffic 
Control Automated System (ATCAS). These systems are intended to replace present ... 

Keywords: exception handling, failure, failure classification, failure masking, failure 
semantics, fault-tolerant systems, group communications, redundancy, server group, 
software robustness, system architecture 



17 6 Performance management issues in ATM networks: traffic and con g estion control 
Dominique Gaiti, Guy Pujolle 

April 1996 IEEE/ACM Transactions on Networking (TON), Volume 4 issue 2 
. Full text available: *g| pdf(984. 30 KB) Additional Information: full citation , references , citings , index terms 



177 In-service monitoring for cell loss quality of service violations in ATM networks 
Hongbo Zho, Victor S. Frost 

April 1996 IEEE/ ACM Transactions on Networking (TON), volume 4 issue 2 

Full text available: ^ pdf(908.56 KB) Additional Information: full citation , references , citing s, index terms 



178 Investi g ating monitoring confi g urations 
Hasina Abdu, Hanan Lutfiyya, Michael A. Bauer 

February 1996 Proceedings of the 1996 ACM symposium on Applied Computing 

Full text available: ^| pdf(685.0Q KB) Additional Information: full citation , references , citin gs, index terms 



Keywords: agents, configurations, directives, distributed systems, monitoring 
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1 79 A comparison of system monitoring methods, passive network monitoring and kernel Q 
instrumentation 

A. W. Moore, A. J. McGregor, j. W. Breen 

January 1996 ACM SIGOPS Operating Systems Review, Volume 30 issue l 

Full text available: ^jC] pdf(1.89 MB) Additional Information: full citation , abstract , index terms 

This paper presents the comparison of two methods of system monitoring, passive 
network monitoring and kernel instrumentation. The comparison is made on the basis of 
passive network monitoring being used as a replacement for kernel instrumentation in 
some situations. Despite the fact that the passive network monitoring technique is shown 
to perform poorly as a direct replacement for kernel instrumentation, this paper indicates 
the areas where passive network monitoring could be used to the great ... 

1 80 Multi-hour , multi-traffic class network desi g n for virtual path-based dynamicall y Q 
reconfigurable wide-area ATM networks 

D. Medhi 

December 1995 IEEE/ ACM Transactions on Networking (TON), volume 3 issue 6 

Full text available: ^| pdf(1.12 MB) Additional Information: full citation , references , citings , index terms 



Keywords: duality and subgradient optimization, dynamic virtual path routing, multi-hour 
network capacity design, on-off fluid flow model, optimization model, wide-area ATM 
networks 
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141 Passive measurements: New directions in traffic measurement and accounting 
Cristian Estan, George Varghese 

November 2001 Proceedings of the 1st ACM SIGCOMM Workshop on Internet 
Measurement 

Additional Information: full citatio n, abstract, references, cit ings, in de x 
terms 



Full text available:^ pdf( 1. 18 MB ) 



Accurate network traffic measurement is required for accounting, bandwidth provisioning, 
and detecting DOS attacks. However, keeping a counter to measure the traffic sent by 
each of a million concurrent flows is too expensive (using SRAM) or slow (using DRAM). 
The current state-of-the-art (e.g., Cisco NetFlow) methods which count periodically 
sampled packets are slow, inaccurate, and memory-intensive. Our paper introduces a 
paradigm shift by concentrating on the problem of measuring only "heavy" ... 

142 Passive measurements: Characteristics of network traffic flow anomalies 
Paul Barford, David Plonka 

November 2001 Proceedings of the 1st ACM SIGCOMM Workshop on Internet 
Measurement 
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PingTV generates a logical map of a network that is used as an overlay on a physical 
geographical image of the location from the user perspective (buildings, floors within 
buildings, etc.). PingTV is used at Illinois State University as a visualization tool to 
communicate real-time network conditions to the university community via a dedicated 
channel on the campus cable TV system. Colored symbols allow students and staff to 
discern high-congestion "rush hours" and understand why their specific ... 

Keywords: active network measurement, network visualization, real-time television 
monitoring system 
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cost approach 
Carol Taylor, Jim Alves-Foss 

September 2001 Proceedings of the 2001 workshop on New security paradigms 



A new approach to network intrusion detection is needed to solve the monitoring problems 
of high volume network data and the time constraints for Intrusion Detection System 
(IDS) management. Most current network IDS's have not been specifically designed for 
high speed traffic or low maintenance. We propose a solution to these problems which we 
call NATE, Network Analysis of Anomalous Traffic Events. Our approach features minimal 
network traffic measurement, an anomaly-based detection method, and ... 

146 A comprehensive approach to signaling, transmission, and traffic management for 

wireless ATM networks 

Anthony Burrell, P. Papantoni-Kazakos 

September 2001 Wireless Networks, volume 7 issue 4 

Full text available: ^| pdf(331.30 KB) Additional Information: full citation , abstract , references , index terms 

We propose and evaluate a signaling and transmission algorithmic system for wireless 
digital networks, in conjunction with a Traffic Monitoring Algorithm (TMA) for dynamic 
capacity allocation in multimedia ATM environments. The deployed signaling protocol is 
stable, and two transmission techniques are compared: a Framed Time-Domain Based 
(FTDB) technique and a Framed CDMA (FCDMA) technique. The overall 
signaling/transmission/traffic monitoring proposed system has powerful performance 
characteris ... 

Keywords: multimedia environments, signaling and transmission, traffic monitoring, 
wireless 
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With the increasing number of mobile commerce facilities, there are challenges in 
providing customers useful recommendations about interesting products and services. 

In this paper a Peer-to-Peer (P2P) based collaborative filtering architecture for the support 
of product and service recommendations for mobile customers is considered. Mobile 
customers are represented by software assistant agents that act like peers in the 
processing of recommendations. 
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Cameron Ross Dunne 

June 2001 ACM SIGecom Exchanges, volume 2 issue 3 

Full text available; Q pdf(42.35 KB ) Additional Information: full citation , abstract , references , index terms 

Peer-to-Peer networks continue to grow in popularity. However network resource 
discovery still remains a substantial problem within them. In this paper we will cover some 
of the more popular current solutions to this problem. We will then propose a mobile agent 
based solution to allow for dynamic network resource discovery. 

Keywords: Peer-to-Peer, mobile agents, resource discovery 
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149 Derivin g traffic demands for operational IP networks: methodology and experience 
Anja Feldmann, Albert Greenberg, Carsten Lund, Nick Reingold, Jennifer Rexford, Fred True 
June 2001 IEEE/ACM Transactions on Networking (TON), volume 9 issue 3 

Full text available: f£L pdf( 212 92 KB) Additional Information: full citation, abstract, references, citings, index 
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Engineering a large IP backbone network without an accurate network-wide view of the 
traffic demands is challenging. Shifts in user behavior, changes in routing policies, and 
failures of network elements can result in significant (and sudden) fluctuations in load. In 
this paper, we present a model of traffic demands to support traffic engineering and 
performance debugging of large Internet Service Provider networks. By defining a traffic 
demand as a volume of load originating from an Ingres ... 

Keywords: Internet, measurement, routing, traffic engineering 
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We describe a method for monitoring Voice over IP (VoIP) applications based upon a 
reduction of the ITU-T's E-Model to transport level, measurable quantities. In the process, 
1) we identify the relevant transport level quantities, 2) we discuss the tradeoffs between 
placing the monitors within the VoIP gateways versus placement of the monitors within 
the transport path, and 3) we identify several areas where further work and consensus 
within the industry are required. We discover that the releva ... 
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This paper presents a brief survey of current QoS monitoring-related mechanisms, 
followed by a discussion of the challenges involved in providing QoS distribution 
monitoring. Several approaches are then proposed to meet these challenges. Finally, the 
issues that remain open are discussed. Copyright © 2000 John Wiley & Sons, Ltd. 

153 A hierarchical multicast monitoring scheme 
Joerg Walz, Brian Neil Levine 

November 2000 Proceedings of NGC 2000 on Networked group communication 

Full text available:^ pdf(1 .29 MB) Additional Information: full citation , abstract , references , index terms 

Deployment of multicast routing services in corporate networks and Internet Service 
Providers is still tentative. Among other problems, there is a lack of monitoring and 
management tools and systems. Previous work in multicast management has failed to 
address the scalability problem present in multicast fault isolation and reporting. We 
propose a hierarchical, passive monitoring scheme, HPMM, that relies on a series of pre- 
deployed, self-organized monitoring daemons. With HPMM, fault message ... 
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Full text available:^ pdf(1. 14 MB ) Additional Information: full citation , abstract , references , citings 

Internet multimedia traffic is increasing as applications like streaming media and packet 
telephony grow in popularity. It is important to monitor the volume and characteristics of 
this traffic, particularly because its behavior in the face of network congestion differs from 
that of the currently dominant TCP traffic. To monitor traffic on a high-speed link for 
extended periods, it is not practical to blindly capture all packets that traverse the link. We 
present mmdump, a tool that parse ... 
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im plementin g an inte g rated and automated network maintenance platform for 
enhancin g wide area transaction access services 

Symeon Papavassiliou, Mike Pace 

September 2000 International Journal of Network Management volume 10 issue 5 

Full text available:^] pdf (96 1.05 KB ) Additional Information: full citation , abstract , references , index terms 

The design and implementation of integrated and automated network-service 
management platforms that can seamlessly configure services, monitor service-network 
performance, and detect network faults are of great importance and interest to the service 
and network providers. In this paper we describe a set of integrated Operations Support 
Systems &lpar;OSS&rpar; that implement proactive network maintenance process in Wide 
Area Transaction Access Services. Copyright © 2000 John ... 
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This paper presents two schemes, relevant monitor &lpar;RM&rpar;-based and improved 
relevant monitor &lpar;IRM&rpar;-based, for QoS distribution monitoring. With these 
schemes, when monitoring a real-time flow, a network manager can locate relevant 
monitors that are metering the flow. Copyright © 2000 John Wiley & Sons, Ltd. 
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Ren-Hung M. Hwang, Pao-Ta M. Yu 

February 2000 International Journal of Network Management volume 10 issue l 

Full text available: t g) pdf(379.71 KB ) Additional Information: full citation , abstract , references , index terms 

In this paper, we propose a PRO-active Monitoring System &lpar;PROMS&rpar; for SS7 
networks, which actively monitors all signaling network management messages of SS7 
networks, alerts operators when there is a potential network error, and provides intelligent 
diagnosis based on fuzzy logic and neural networks. Copyright © 2000 John Wiley & Sons, 
Ltd. 
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December 1999 ACM Transactions on Computer-Human Interaction (TOCHI), volume 6 
Issue 4 
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Air traffic control is a complex, safety-critical activity, with well-established and successful 
work practices. Yet many attempts to automate the existing system have failed because 
controllers remain attached to a key work artifact: the paper flight strip. This article 
describes a four-month intensive study of a team of Paris en-route controllers in order to 
understand their use of paper flight strips. The article also describes a comparison study of 
eight different control rooms in Franc ... 

Keywords: activity theory, affordances; air traffic control, annotation, ethnographic 
study, paper flight strips, peripheral awareness, safety factors 
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We describe a simple but effective traffic model that can be used to understand the effects 
of denial-of-service (DoS) attacks based on query floods in Gnutella networks. We run 
simulations based on the model to analyze how different choices of network topology and 
application level load balancing policies can minimize the effect of these types of DoS 
attacks. In addition, we also study how damage caused by query floods is distributed 
throughout the network, and how application-level policies ca ... 
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2004 conference on Applications, technologies, architectures, and 
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Name services are critical for mapping logical resource names to physical resources in 
large-scale distributed systems. The Domain Name System (DNS) used on the Internet, 
however, is slow, vulnerable to denial of service attacks, and does not support fast updates. 
These problems stem fundamentally from the structure of the legacy DNS.This paper 
describes the design and implementation of the Cooperative Domain Name System 
(CoDoNS), a novel name service, which provides high lookup performance thro ... 

Keywords: DNS, peer to peer, proactive caching 
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Proxy-network based overlays have been proposed to protect Internet Applications against 
Denial-of-Service attacks by hiding an application's location. We study how a proxy 
network's topology influences the effectiveness of location-hiding. We present two theorems 
which quantitatively characterize when proxy networks are robust against attacks 
(attackers' impact can be quickly and completely removed), and when they are vulnerable 
to attacks (attackers' impact cannot be completely removed). Us ... 

4 A churn-resistant peer-to-peer web caching s ystem 
Prakash Linga, Indranil Gupta, Ken Birman 

October 2003 Proceedings of the 2003 ACM workshop on Survivable and self- 
regenerative systems: in association with 10th ACM Conference on 
Computer and Communications Security 

Full text available: ^£)pdf(1.Q7 MB) Additional Information: full citation , abstract , references 

Denial of service attacks on peer-to-peer (p2p) systems can arise from sources otherwise 
considered non-malicious. We focus on one such commonly prevalent source, called 
"churn". Churn arises from continued and rapid arrival and failure (or departure) of a large 
number of participants in the system, and traces from deployments have shown that it can 
lead to extremely stressful networking conditions. It has the potential to increase host loads 
and block a large fraction of normal insert and lo ... 
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Victor L. Voydock, Stephen T. Kent 
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Emerging economic P2P applications share the common need for an efficient, secure 
payment mechanism. In this paper, we present PPay, a micropayment system that exploits 
unique characteristics of P2P systems to maximize efficiency while maintaining security 
properties. We show how the basic PPay protocol far outperforms existing micropayment 
schemes, while guaranteeing that all coin fraud is detectable, traceable and unprofitable. 
We also present and analyze several extensions to PPay that furthe ... 
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Full text available: ^|pdf( 517.77 KB) Additional Information: full citation , abstract , references , index terms 

Distributed computer architectures labeled "peer-to-peer" are designed for the sharing of 
computer resources (content, storage, CPU cycles) by direct exchange, rather than 
requiring the intermediation or support of a centralized server or authority. Peer-to-peer 
architectures are characterized by their ability to adapt to failures and accommodate 
transient populations of nodes while maintaining acceptable connectivity and 
performance. Content distribution is an important peer-to-peer application ... 

Keywords: Content distribution, DHT, DOLR, grid computing, p2p, peer-to-peer 
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We describe the work we are conducting on new middleware services for dependable and 
secure mobile systems. This work is based on approaches a la peer-to-peer in order to 
circumvent the problems introduced by the lack of infrastructure in self-organizing networks 
of mobile nodes, such as MANETs. The mechanisms we propose are based on collaboration 
between peer mobile devices to provide middleware services such as trust management 
and critical data storage. This short paper gives a brie ... 

Keywords: collaboration, data back-up, mobile applications 
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Denial of service (DoS) attacks continue to threaten the reliability of networking systems. 
Previous approaches for protecting networks from DoS attacks are reactive in that they wait 
for an attack to be launched before taking appropriate measures to protect the network. 
This leaves the door open for other attacks that use more sophisticated methods to mask 
their traffic. We propose an architecture called Secure Overlay Services (SOS) that 
proactively prevents DoS attacks, geared toward supportin ... 
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We describe JFK, a new key exchange protocol, primarily designed for use in the IP Security 
Architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK 
also has a number of novel engineering parameters that permit a variety of trade-offs, most 
notably the ability to balance the need for perfect forward secrecy against susceptibility to 
denial-of-service attacks. 

Keywords: cryptography, denial of service attacks 



12 Interoperability of peer-to-peer file sharing protocols 
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June 2002 ACM SIGecom Exchanges, volume 3 issue 3 

Full text available:^) pdf(42. 71 KB) Additional Information: full citation , abstract , references , index terms 

Peer-to-Peer (P2P) file sharing software has brought a hot discussion on P2P file sharing 
among all businesses. Freenet, Gnutella, and Napster are the three most popular P2P file 
sharing applications. They use three distinct protocols and these protocols come with 
different characteristics. In this paper, we discuss the protocols of these P2P file sharing 
applications, in terms of the methodologies used for peer registry, query and content 
sharing. In order to maximize the benefit of P2P file sh ... 

Keywords: Gnutella, Napster, Peer-to-Peer 
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Damien Le Moal, Tadashi Takeuchi, Tadaaki Bandoh 

December 2002 Proceedings of the tenth ACM international conference on Multimedia 

Full text available:^) pdf(271.85 KB) Additional Information: full citation , abstract , references , index terms 

High performance and high quality for continuous media stream delivery needed by 
streaming server systems cannot be achieved efficiently using general-purpose operating 
systems, due to the overhead of the I/O mechanism implementation generally used. Special 
OS combined with powerful hardware can deliver better performance and quality but 
increases development complexity and deployment costs. The External I/O Engine 
Architecture adopts a hybrid approach, implementing streaming engines using the s ... 

Keywords: audio/video streaming, operating system, quicktime, real-time 
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Full text available: ^[pdf(1 07.75 KB) Additional Information: full citatio n, abstract , r eferenc es, index terms 

Current routing protocols are monolithic, specifying the algorithm used to construct 
forwarding tables, the metric used by the algorithm (generally some form of hop-count), 
and the protocol used to distribute these metrics as an integrated package. The Flexible 
Intra-AS Routing Environment (FIRE) is a link-state, intra-domain routing protocol that 
decouples these components. FIRE supports run-time-pro- grammable algorithms and 
metrics over a secure link-state distribution protocol. By allow ... 
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Full text available: pdf(256.51 KB) Additional Information: full citation , abstract , references 

Since the Morris worm was unleashed in 1988, distributed denial-of-service (DDoS) attacks 
via worms and viruses have continued to periodically disrupt the Internet. Client puzzles 
have been proposed as one mechanism for protecting protocols against denial of service 
attacks. In this paper, we argue that such puzzles must be placed within the slim waistline 
of the TCP/IP protocol stack in order to truly provide protection. We then describe several 
scenarios in which TCP/IP puzzles could be ... 
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networks 

Full text available: l g|pdf (191.02 KB ) Additional Information: full citation , abstract , references , index terms 

Peer-to-Peer (P2P) applications and services are very common in today's computing. The 
popularity of the P2P paradigm prompts the need for specialized security services which 
makes P2P security an important and challenging research topic. Most prior work in P2P 
security focused on authentication, key management and secure communication. However, 
an important pre-requisite for many P2P security services is secure admission, or how one 
becomes a peer in a P2P setting. This issue has been he ... 

Keywords: access control, admission control, group membership, mobile ad-hoc networks, 
peer-to-peer, performance, security 
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This paper studies the problem of resource discovery in unstructured peer-to-peer (P2P) 
systems. We propose simple policies that make the discovery of resources resilient to 
coordinated attacks by malicious nodes. We focus on a novel P2P protocol called GUESS [8] 
that uses a pong cache, a set of currently known nodes, to discover new ones. We define a 
simple, abstract model of a GUESS network,and We describe how to limit pong cache 
poisoning, a condition in which the ids of malicious nodes ap ... 

Keywords: denial-of-service, peer-to-peer, security 
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terms 

The Internet service model emphasizes flexibility - any node can send any type of traffic at 
any time. While this design has allowed new applications and usage models to flourish, it 
also makes the job of network management significantly more challenging. This paper 
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describes a new method of traffic characterization that automatically groups traffic into 
minimal clusters of conspicuous consumption. Rather than providing a static analysis 
specialized to capture flows, applications, or network-to ... 

Keywords: data mining, network monitoring, traffic measurement 
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Identifying anomalies rapidly and accurately is critical to the efficient operation of large 
computer networks. Accurately characterizing important classes of anomalies greatly 
facilitates their identification; however, the subtleties and complexities of anomalous traffic 
can easily confound this process. In this paper we report results of signal analysis of four 
classes of network traffic anomalies: outages, flash crowds, attacks and measurement 
failures. Data for this study consists of IP flow ... 
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Changhua He, John C. Mitchell 
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Full text available: *g| pdf( 328.36 KB ) Additional Information: full citation , abstract , references , index terms 

802. Hi is an IEEE standard designed to provide enhanced MAC security in wireless 
networks. The authentication process involves three entities: the supplicant (wireless 
device), the authenticator (access point), and the authentication server (e.g., a backend 
RADIUS server). A 4-Way Handshake must be executed between the supplicant and the 
authenticator to derive a fresh pairwise key and/or group key for subsequent data • 
transmissions. We analyze the 4-Way Handshake protocol using a finite-state ve ... 

Keywords: 4-way handshake, 802. Hi, WLAN, authentication, denial-of-service, key 
management 
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Full text available 1 1?]_pdf(1 50 MB} Additional Information: full citation , abstract , references , citings, index 

t erms 

A Resilient Overlay Network (RON) is an architecture that allows distributed Internet 
applications to detect and recover from path outages and periods of degraded performance 
within several seconds, improving over today's wide-area routing protocols that take at 
least several minutes to recover. A RON is an application-layer overlay on top of the 
existing Internet routing substrate. The RON nodes monitor the functioning and quality of 
the Internet paths among themselves, and use this information ... 
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Iliya K. Georgiev, Ivo I. Georgiev 

October 2001 Journal of Computing Sciences in Colleges, volume 17 issue l 

Full text available: 1 ^ pd f(47.43 KB) Additional Information: full citation , abstr a ct , refer e n ces , index terms 

This paper presents a multi-tier model for secure computing as a teaching method 
platform. The security model is based on establishing the trustworthiness and role of each 
component in a distributed computing environment: trusted users, trusted servers, trusted 
administrators, untrusted client, untrusted communication media and intermediate 
systems, etc. The model provides a basis for teaching and for program system design. The 
security dimensions (both social and technical) can be considered in ... 
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Paul Francis, Sugih Jamin, Cheng Jin, Yixin Jin, Danny Raz, Yuval Shavitt, Lixia Zhang 
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Full text available: ^| pdf(267.64 KB) Additional Information: full citation, abstract, references , citings, index 

terms 

There is an increasing need to quickly and efficiently learn network distances, in terms of 
metrics such as latency or bandwidth, between Internet hosts. For example, Internet 
content providers often place data and server mirrors throughout the Internet to improve 
access latency for clients, and it is necessary to direct clients to the nearest mirrors based 
on some distance metric in order to realize the benefit of mirrors. We suggest a scalable 
Internet-wide architecture, called IDMaps, which m ... 



http://portal.acm.org/results.cfm?query=denial%20service%20peer&querydisp 2/18/05 



Results (page 9): denial service peer 



Page 2 of 5 



Keywords: Distributed algorithms, modeling, network service, scalability 



164 Current research trends in internet servers 
K. Kant, Prasant Mohapatra 

September 2001 ACM SIGMETRICS Performance Evaluation Review, volume 29 issue 2 
Full text available: ^] pdf(36676 KB ) Additional Information: full citation , references 



165 ipnL: A NAT-extended internet architecture 
Paul Francis Ramakrishna 

August 2001 ACM SIGCOMM Computer Communication Review , Proceedings of the 
2001 conference on Applications, technologies, architectures, and 
protocols for computer communications, volume 3i issue 4 

Full text available: *g?) pdf ( 241.65 KB ) Additional Information: full citation , references , citings, index terms 



166 Hash-based IP traceback Q 
Alex C. Snoeren 

August 2001 ACM SIGCOMM Computer Communication Review , Proceedings of the 
2001 conference on Applications, technologies, architectures, and 
protocols for computer communications, volume 3i issue 4 

Full text available: ^ pdf(179.03 KB) Additional Information: full citation , references , citings , index terms 



167 On the effectiveness of route-based packet filtering for distributed DoS attack 
prevention in power-law internets 
Kihong Park, Heejo Lee 

August 2001 ACM SIGCOMM Computer Communication Review , Proceedings of the 
2001 conference on Applications, technologies, architectures, and 
protocols for computer communications, volume 3i issue 4 

Full text available: ffl pdf(313.26 KB) Additional Information: full citation , references , citings , index terms 



168 A scalable content-addressable network 

Sylvia Ratnasamy, Paul Francis, Mark Handley, Richard Karp, Scott Schenker 
August 2001 ACM SIGCOMM Computer Communication Review , Proceedings of the 
2001 conference on Applications, technologies, architectures, and 
protocols for computer communications, volume 3i issue 4 
Full text available: ^|pdf(155.64 KB) Additional Information: full citation , references , citing s, index terms 



1 69 Rethinking the design of the Internet: the end-to-end arguments vs. the brave new Q 
world 

Marjory S. Blumenthal, David D. Clark 

August 2001 ACM Transactions on Internet Technology (TOIT), volume i issue l 

Full text available* Q pdf(1 76 33 KB) Add ' tJonal Information: full citation , abstract , references , citings, index 

This article looks at the Internet and the changing set of requirements for the Internet as 
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it becomes more commercial, more oriented toward the consumer, and used for a wider 
set of purposes. We discuss a set of principles that have guided the design of the Internet, 
called the end-to-end arguments, and we conclude that there is a risk that the range of 
new requirements now emerging could have the consequence of compromising the 
Internet's original design principles. Were ... 

Keywords: ISP, Internet, end-to-end argument 
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Attackers can render distributed denial-of-service attacks more difficult to defend against 
by bouncing their flooding traffic off of reflectors; that is, by spoofing requests from the 
victim to a large set of Internet servers that will in turn send their combined replies to the 
victim. The resulting dilution of locality in the flooding stream complicates the victim's 
abilities both to isolate the attack traffic in order to block it, and to use traceback 
techniques for locating the source ... 

171 Deriving traffic demands for operational IP networks: methodolo g y and experience 
Anja Feldmann, Albert Greenberg, Carsten Lund, Nick Reingold, Jennifer Rexford, Fred True 
June 2001 IEEE/ ACM Transactions on Networking (TON), volume 9 issue 3 



Engineering a large IP backbone network without an accurate network-wide view of the 
traffic demands is challenging. Shifts in user behavior, changes in routing policies, and 
failures of network elements can result in significant (and sudden) fluctuations in load. In 
this paper, we present a model of traffic demands to support traffic engineering and 
performance debugging of large Internet Service Provider networks. By defining a traffic 
demand as a volume of load originating from an ingres ... 

Keywords: Internet, measurement, routing, traffic engineering 
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This paper proposes GIA, a scalable architecture for global IP-anycast. Existing designs for 
providing IP-anycast must either globally distribute routes to individual anycast groups, or 
confine each anycast group to a pre-configured topological region. The first approach does 
not scale because of excessive growth in the routing tables, whereas the second one 
severely limits the utility of the service. Our design scales by dividing inter-domain anycast 
routing into two components. The first compo ... 

Keywords: anycast, architecture, internet, routing, scalable 
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The importance of an IS unit's level of service to its internal customers (i.e., end-users) is 
well recognized (Kettinger and Lee, 1994; Pitt, Watson and Kavan, 1995; Kang and 
Bradley, 1999). In fact, the level of service provided by the IS unit to its internal 
customers can ultimately impact the organization's level of service to its external 
customers, as the IS unit contributes to the overall organizational climate for service 
(Schneider, White, and Paul, 1998). Much of the research on IS ... 

Keywords: information systems service, organizational variables, service instruments, 
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We describe a model of self-administering data. In this model, a declarative description of 
how a data object should behave is attached to the object, either by a user or by a data 
input device. A widespread infrastructure of self-administering data handlers is presumed 
to exist; these handlers are responsible for carrying out the specifications attached to the 
data. Typically, the specifications express how and to whom the data should be 
transferred, how it should be incorporated when it i ... 
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file system, file sharing, peer to peer, scalable update propagation, self-administering data 



178 Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion 
detection system evaluations as performed by Lincoln Laboratory 

November 2000 ACM Transactions on Information and System Security (TISSEC), 

Volume 3 Issue 4 



http://portal.acm.org/resultsxfm?query=denial%20service%20peer&que 2/18/05 



Results (page 9): denial service peer 



Page 5 of 5 



Full text available: pdf(156.16 KB) Additional Information: full citation , abstract , references , citings , index 

terms , review 

In 1998 and again in 1999, the Lincoln Laboratory of MIT conducted a comparative 
evaluation of intrusion detection systems (IDSs) developed under DARPA funding. While 
this evaluation represents a significant and monumental undertaking, there are a number 
of issues associated with its design and execution that remain unsettled. Some 
methodologies used in the evaluation are questionable and may have biased its results. 
One problem is that the evaluators have published relatively little concer ... 
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